Privacy statement under the EU General Data Protection Regulation
Effective Date: 15.05.2018
This privacy statement applies to Hotel Latinka managed and operated by TOBO-HOTELS LTD. This privacy statement describes how we collect and use the personal data you provide when you stay at our hotel and use our services. It also describes the choices available to you regarding our use of your personal data and how you can access and update this data.
We may amend this privacy statement from time to time, so visit this page regularly to keep abreast of the updates.
The type of personal data we collect
Why do we collect, use and share your personal data?
with regulatory and legal obligations: We may use your personal data to comply
with regulatory and legal obligations. For us, it is mandatory to comply with
the Bulgarian legislation and laws such as Bulgarian Tourism Law, Bulgarian Law
for Address Registration, Law for the Registration of Foreign Citizens in the
· Fraud detection and prevention: we may use your personal data for the detection and prevention of fraud and other illegal or unwanted activities.
· Reservations - we use your personal data to complete and administer your reservation and to send you a confirmation email, a pre-arrival email and provide you with data about conditions of your accommodation.
· Customer service: we use your personal data to provide customer service.
· Guest reviews: we may use your contact data to invite you by email to write a guest review after your stay. This can help other travelers to choose the accommodation that suits them best.
· Marketing activities: we also use your data for marketing activities, as permitted by law.
· Other communications: there may be other times when we get in touch by email, by post, by phone or by texting you, depending on the contact data you share with us. There could be a number of reasons for this:
◦ We may need to respond to and handle requests you have made.
◦ If you have not finalized a reservation, we may email you a reminder to continue with your reservation. We believe that this additional service is useful to you because it allows you to carry on with a reservation without having to search for the accommodation again or fill in all the reservation details from scratch.
· Improving our services: finally, we use your personal data for analytical purposes, to improve our services, to enhance the user experience, and to improve the functionality and quality of our travel services.
How do we share your personal data with third parties?
We may share your personal data with third parties as set out below
· Competent authorities: We disclose personal data to law enforcement and other governmental authorities insofar as it is required by law or is strictly necessary for the prevention, detection or prosecution of criminal acts and fraud.
· Third-party service providers: We may use service providers to process your personal data strictly on our behalf. This processing would be for purposes such as POS payments. These processors are bound by confidentiality clauses and are not allowed to use your personal data for their own purposes or any other purpose.
Deletion and Retention of Personal Data
We will retain your personal data for as long as we deem it necessary to provide services to you, comply with applicable laws (including those regarding document retention), resolve disputes with any parties and otherwise as necessary to allow us to conduct our business. All personal data we retain will be subject to this privacy statement.
What security procedures do we have in place to safeguard your personal data?
We use appropriate business systems and procedures to protect and safeguard any personal data given to us. We also use security procedures and technical and physical restrictions for accessing and using the personal information on our servers. Only authorized personnel are permitted to access personal information in the course of their work.
Accessing, updating and removing your personal data:
You may request to have access to your personal data we keep or to have your personal data updated, erased or blocked unless this proves impossible or involves a disproportionate effort. You have may request confirmation as to whether we process your personal data and what that data constitutes.
Where allowed under local law, you may request us to erase your personal data, if one of the following circumstances exist:
· your personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
· if the processing was based on your consent and if you have withdrawn your consent, your consent has expired, or where there is no longer a legal ground for the processing of your personal data;
· If the processing is for direct marketing purposes or if you make a justifiable objection ;
· a court or regulatory authority has ruled that your personal data concerned must be erased;
· your personal data was unlawfully processed.
We ask you to keep your personal information accurate and up to date. If the personal data we have about you is incorrect, out-of-date or not relevant anymore for the purposes collected, we will update or remove it at your request. We kindly request you to contact
firstname.lastname@example.org. We kindly ask you to write “Request personal information” in the subject line of your email. We will respond to your request within 30 days. However, we may need to retain certain information, for example, for legal or administrative purposes, such
as record keeping or to detect fraudulent activities.
If you have any suggestions, requests or comments about privacy, personal data and how we handle personal information, you can send an email to:
You may also contact your local data protection authority with questions and complaints.